#OpenFabs Ground Up Rebuild [re: secure computer]

Wed Sep 13 22:41:34 PDT 2017

On Wed, Sep 13, 2017 at 10:45 PM, Steven Schear <schear.steve at gmail.com> wrote:
> Jim Bell and I commented some time ago on this dilemma. One obvious solution
> is "table top" manufacture of VLSI.
>
> As crazy as it sounds, for at least prototyping and small (CPunk) PoC
> projects, its possible to fab a wide variety of chips, with impressive
> feature sizes, implantation, doping, etc. using Electron Beam Lithography.
> EBL is basically operating an electron microscope in reverse. Because it
> uses electrons to illuminate the substrate vs. photons it doesn't require
> any litho masks. The beams can directly write to the surfaces and with the
> appropriate techniques expose chemicals that create the "resists" of typical
> litho methods. Best of all, electron beams can be brought to a sharper focus
> than even deep UV meaning small feature size capabilities.
>
> The main reason EBL is only a tech oddity is its inability to be used for
> volume manufacture. Maybe someone in this field will do an ICO. EBL can
> potentially be operated by a much smaller staff (maybe a competent enough
> individual) than even the smallest conventional fab. With at least small
> scale manufacture and some careful design attention I think the list price
> on a rig could be < $100k USD.

If this solution uses today's computers to drive the beam, since
those computers cannot be trusted, and you can't see the beam
or resultant features, and you can't exhaustively inspect and test
each chip produced, then the entire output can't be trusted either
and the solution is rubbish. Shit can only beget shit, see:
Reflections on Trusting Trust by Ken Thompson
and the old Trusted Computing Rainbow Series.

Today you have ZERO idea exactly what's in the latest from
Intel / AMD / Qualcomm / etc. Only an implied guesstimate
that including many exploits for specific targets limits applications
and result scope, and costlier to die area, than a global set of
magic packet 0wnership... which happens to suck even more
because its then adaptable to exploit you.

I suggest that building an OpenFab capable of producing a
much higher than zero, higher than even implied guesstimates,
level of explicit trust is now within both reach and need of those
interested in its value. Certainly the problem space is better
understood such that a framework can begin to be designed.

As before, you have to rebuild it all from scratch, under a
new paradigm, before you'll ever be able to trust anything.